Law enforcement agencies in seven African countries arrested 306 suspects and confiscated 1,842 devices as part of the red card codenamed International Operations, an International Operation, held between November 2024 and February 2025.
The coordinated efforts “are aimed to disrupt and dismantle cross-border criminal networks that are causing significant harm to individuals and businesses,” Interpol said, focusing on targeted mobile banking, investment and messaging app fraud.
Over 5,000 victims were involved in the cyber-response scam. Countries participating in the project include Benin, Cote Daiboir, Nigeria, Rwanda, South Africa, Togo and Zambia.
“The success of Operation Red Cards demonstrates the power of international cooperation in combating cybercrime. Cybercrime can have a devastating impact on individuals and communities without knowing the border,” said Neil Jetton, director of Cybercrime.
“Recovering critical assets and devices, as well as the arrest of key suspects, sends a strong message to cybercriminals that their activities will not be punished.”
As part of the crackdown, Nigerian police have arrested 130 people, including 113 foreigners, on suspicion of involvement in online casinos and investment scams. Some individuals working at fraud centres are said to be victims of human trafficking and are forced to implement illegal schemes.
Another notable surgeries included the arrest of 40 people by South African authorities and the seizing of more than 1,000 SIM cards used in a massive SMS phishing attack.
Elsewhere, Zambian officials have arrested 14 suspected members of the crime syndicate who hacked the victim’s phone by installing malware via an SMS phishing link and gained unauthorized access to the banking app. Group-IB said the malware also allows bad actors to control messaging applications, allowing them to propagate unauthorized links to others.
Russian cybersecurity vendor Kaspersky noted that it shared with Interpol an analysis of malicious Android applications targeting users in African countries, along with information on the relevant infrastructure.
Also, 45 members of the Rwandan authorities’ criminal network have been arrested for involvement in a social engineering scam that fraudulent victims of more than $305,000 in 2024.
“Their tactics included spoofing telecommunications employees, claiming fake ‘jackpot’ victory, extracting sensitive information and gaining access to victims’ mobile banking accounts,” Interpol said. “Another method involved asking the injured family to ask their relatives for financial assistance on the hospital bill.”
News of the arrest are fighting better combat to combat corruption, financial crime, cyber-response fraud and local money laundering just weeks after Interpol announced its partnership with the African Development Bank Group.
Earlier this month, Royal Thai police and Singapore police arrested the heads of more than 90 data leaks worldwide, including 65 in the Asia-Pacific Region (APAC) region. The threat actor was first released on December 4, 2020 and was active under the alias Altdos, Mystic251, Desorden, Ghostr, and 0mid16b.
The attack included the use of SQL injection tools such as SQLMAP, which deployed cobalt strike beacons to access sensitive data and subsequently provide persistent control over compromised hosts.
“He targeted Windows servers for the Internet, searching databases that contain personal information in particular,” Group-IB said in a report detailing the tricks of threat actors. “After breaching these servers, he ruled out the victim’s data and, in some cases, encrypted it on the compromised server.”
The ultimate goal of these attacks was financial gain, oppressed by paying a ransom to the victim or putting public exposure to sensitive data at risk. Several entities in Bangladesh, Canada, India, Indonesia, Malaysia, Pakistan, Singapore and Thailand have leaked data on dark web forums such as CryptBB, Raidforums and Breachforums.
“One of the lasting details across all four of his alias was how to publish stolen data screenshots,” said Group-IB researchers. “Regardless of his rebranding, he consistently uploaded images directly from the same device, revealing important operational fingerprints.”
The development also follows the arrests of almost 12 Chinese citizens accused of committing a new type of tap-to-pay scam, including using stolen credit card information to purchase gift cards and laundry funds.
Source link
